Search
14,626 CVEs · Low severity
CVEs (14,626, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 451–475 of 14,626 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2002-0080 | LOW | Patched | 2.1 | 2002-03-15 | rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could… |
| CVE-2002-0087 | LOW | 2.1 | 2002-03-15 | bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files. | |
| CVE-2002-0110 | LOW | Patched | 2.1 | 2002-03-25 | Nevrona Designs MiraMail 1.04 and earlier stores authentication information such as POP usernames and passwords in plaintext in a .ini file, which allows an attacker to gai… |
| CVE-2002-0120 | LOW | 2.1 | 2002-03-25 | Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information. | |
| CVE-2002-0121 | LOW | 2.1 | 2002-03-25 | PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections. | |
| CVE-2002-0129 | LOW | 2.1 | 2002-03-25 | efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message. | |
| CVE-2002-0138 | LOW | 2.1 | 2002-03-25 | CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command. | |
| CVE-2002-0141 | LOW | 1.2 | 2002-03-25 | Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of other Maelstrom users via a symlink attack on the /tmp/f file. | |
| CVE-2002-0040 | LOW | 2.1 | 2002-03-28 | Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allo… | |
| CVE-2002-0172 | LOW | 2.1 | 2002-05-16 | /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic dis… | |
| CVE-2002-0202 | LOW | 3.6 | 2002-05-16 | PaintBBS 1.2 installs certain files and directories with insecure permissions, which allows local users to (1) obtain the encrypted server password via the world-readable o… | |
| CVE-2002-0213 | LOW | 2.1 | 2002-05-16 | xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a share… | |
| CVE-2002-0214 | LOW | 2.1 | 2002-05-16 | Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with we… | |
| CVE-2002-0234 | LOW | Patched | 2.1 | 2002-05-29 | NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of … |
| CVE-2002-0271 | LOW | 1.2 | 2002-05-29 | Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files. | |
| CVE-2002-0355 | LOW | Patched | 2.1 | 2002-05-29 | netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions. |
| CVE-2002-0377 | LOW | 2.1 | 2002-05-29 | Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other … | |
| CVE-2002-0284 | LOW | 2.6 | 2002-05-31 | Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the … | |
| CVE-2002-0292 | LOW | Patched | 2.6 | 2002-05-31 | Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from o… |
| CVE-2002-0294 | LOW | 2.1 | 2002-05-31 | Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system. | |
| CVE-2002-0296 | LOW | 1.2 | 2002-05-31 | The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file. | |
| CVE-2002-0042 | LOW | Patched | 2.1 | 2002-06-18 | Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS. |
| CVE-2002-0389 | LOW | 2.1 | 2002-06-18 | Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives. | |
| CVE-2002-0577 | LOW | 2.1 | 2002-06-18 | Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. | |
| CVE-2002-0334 | LOW | Patched | 2.1 | 2002-06-25 | xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file. |